Section: .. / 0604-advisories /
| /// File Name: |
W-AgoraXSS.txt |
Description:
|
W-Agora version 4.20 is susceptible to cross site scripting attacks.
| | Author: | r0xes.ratm | | File Size: | 1361 | | Last Modified: | Apr 30 00:18:27 2006 |
| MD5 Checksum: | 537ec81ac86fd2a483ed0ffe12bc2cd0 |
|
| /// File Name: |
textfilebbXSS.txt |
Description:
|
TextFileBB is susceptible to three cross site scripting vulnerabilities.
| | Author: | r0xes.ratm | | File Size: | 2099 | | Last Modified: | Apr 30 00:16:55 2006 |
| MD5 Checksum: | dc38b40236d1084fcd97edac17ed6b3b |
|
| /// File Name: |
LandDownUnder.txt |
Description:
|
Land Down Under 802 and below suffer from a path disclosure vulnerability.
| | Homepage: | http://Aria-Security.net | | File Size: | 1458 | | Last Modified: | Apr 28 21:46:41 2006 |
| MD5 Checksum: | cf438c534aa71ec36ac81b7aaa160cea |
|
| /// File Name: |
yahoo-xss-2.txt |
Description:
|
Description of a Yahoo! Mail XSS vulnerability that has been patched silently by Yahoo.
| | Author: | Cesar | | File Size: | 2304 | | Last Modified: | Apr 28 21:29:20 2006 |
| MD5 Checksum: | 3ef71a9ee64288891dd09692c33d1a05 |
|
| /// File Name: |
Secunia-Salamander.txt |
Description:
|
Secunia Research 28/04/2006 - Servant Salamander unacev2.dll Buffer Overflow Vulnerability - Secunia Research has discovered a vulnerability in Servant Salamander, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/ | | File Size: | 3428 | | Last Modified: | Apr 28 21:26:45 2006 |
| MD5 Checksum: | 6756d93d5103a222cef27135b7cfd662 |
|
| /// File Name: |
ECHO_ADV_31_2006.txt |
Description:
|
[ECHO_ADV_31$2006] Sws Web Server 0.1.7 Strcpy() & Syslog() Format String Vulnerability. A format string vulnerability in Sws Web Server allows remote attackers to cause the program to execute arbitrary. The format string vulnerability and buffer overflow can be found in sws_web_server.c ayardosyasi.h file.
| | Author: | ECHO_ADV | | Homepage: | http://advisories.echo.or.id/ | | File Size: | 2937 | | Last Modified: | Apr 28 21:25:40 2006 |
| MD5 Checksum: | 95a30061d7337115db1d1840d78a8877 |
|
| /// File Name: |
Cireos.txt |
Description:
|
Cireos Portal from SirceOS suffers from XSS in buscar.php.
| | Homepage: | http://www.aria-security.net | | File Size: | 704 | | Last Modified: | Apr 28 21:23:00 2006 |
| MD5 Checksum: | aaa2e8f30230a77ae0ca80e20399f370 |
|
| /// File Name: |
AD20060428.txt |
Description:
|
A vulnerability exists in WinISO and UltraISO which can potentially be exploited by malicious people to compromise a user's system. The vulnerability has been confirmed in WinISO 5.3, UltraISO V8.0.0.1392, PowerISO v2.9, and Magic ISO 5.0 Build 0166.
| | Homepage: | http://secway.org | | Related File: | PoC.iso.bin | | File Size: | 3289 | | Last Modified: | Apr 28 21:21:34 2006 |
| MD5 Checksum: | f774737162f3f7718e685159e8d2addd |
|
| /// File Name: |
IE-UserInterface.txt |
Description:
|
Microsoft Internet Explorer suffers from a potential user interaction race in its handling of security dialogs. As a result, it may be possible for a malicious web site to install software on a visiting system or take other actions that may compromise the privacy or the security of the visitor.
| | Author: | Matthew Murphy | | Homepage: | http://student.missouristate.edu/m/matthew007/advisories.asp?adv=2006-02 | | File Size: | 13323 | | Last Modified: | Apr 28 21:19:53 2006 |
| MD5 Checksum: | 6eaac5db57a5b06689dc6f14bcce938e |
|
| /// File Name: |
EEYEB-20060227.txt |
Description:
|
eEye Digital Security has discovered a critical vulnerability in the Juniper Networks SSL-VPN Client ActiveX Control. The JuniperSetup.ocx ActiveX control is automatically loaded through the web interface of Juniper Networks SSL-VPN. There is an exploitable buffer overflow in the handling of a parameter of the ActiveX control that will allow a remote attacker to reliably overwrite the stack with arbitrary data and execute arbitrary code through the web browser.
| | Homepage: | http://www.eeye.com/ | | File Size: | 3952 | | Last Modified: | Apr 28 21:18:37 2006 |
| MD5 Checksum: | acbdd272cf9a87bfaa3c00f312ca0440 |
|
| /// File Name: |
OpenBulletinBoard.txt |
Description:
|
Open Bulletin Board suffers from multiple XSS and SQL injection vulnerabilities.
| | Author: | qex | | File Size: | 223 | | Last Modified: | Apr 28 21:17:15 2006 |
| MD5 Checksum: | 9d2b6aecb7e49650e8a770fc8564c014 |
|
| /// File Name: |
cisco-sa-20060126-vpn.txt |
Description:
|
Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack. A malicious user may be able to send crafted packets to a concentrator which may cause the device to halt and/or drop user connections. The power must then be reset on the device to recover.
| | Homepage: | http://www.cisco.com | | File Size: | 14474 | | Last Modified: | Apr 28 21:16:30 2006 |
| MD5 Checksum: | da29984048b1834dceeaa6299ad0ceaa |
|
| /// File Name: |
MySmartBB-1.1.x.txt |
Description:
|
MySmartBB v1.1.x suffers from SQL injection and XSS.
| | Author: | BoNy-m | | File Size: | 453 | | Last Modified: | Apr 28 21:15:48 2006 |
| MD5 Checksum: | ff425bd76f857fd8b3610536b665f564 |
|
| /// File Name: |
DevBB-1.0.0.txt |
Description:
|
DevBB versions less than or equal to 1.0.0 suffer from XSS.
| | Author: | qex | | File Size: | 124 | | Last Modified: | Apr 28 21:14:23 2006 |
| MD5 Checksum: | 99ee68e89602af03815e2ede19284aa3 |
|
| /// File Name: |
Secunia-SpeedProject.txt |
Description:
|
Secunia Research 26/04/2006 - SpeedProject Products ACE Archive Handling Buffer Overflow: Secunia Research has discovered a vulnerability in various SpeedProject products, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/secunia_security_advisories/ | | File Size: | 3861 | | Last Modified: | Apr 28 21:13:29 2006 |
| MD5 Checksum: | 71ab68726c4ce180e48b726ad86e0a15 |
|
| /// File Name: |
EV0125.txt |
Description:
|
eVuln ID: EV0125 - warforge.NEWS SQL Injection and Multiple XSS Vulnerabilities.
| | Author: | Aliaksandr Hartsuyeu | | Homepage: | http://evuln.com/ | | File Size: | 1165 | | Last Modified: | Apr 28 21:12:17 2006 |
| MD5 Checksum: | eb25b5b1645cb206f4c5d24728f2703f |
|
| /// File Name: |
SSRT061148-1.txt |
Description:
|
HPSBMA02113 SSRT061148 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update April 2006: Oracle(R) has issued a Critical Patch Update which contains solutions for a number of potential security vulnerabilities. These vulnerabilities may be exploited locally or remotely to compromise the confidentiality, availability or integrity of Oracle for OpenView (OfO).
| | Homepage: | http://www.hp.com | | File Size: | 8061 | | Last Modified: | Apr 28 21:05:46 2006 |
| MD5 Checksum: | 8d18e73b7da99433a37969f6c0814671 |
|
| /// File Name: |
SSRT051074-4.txt |
Description:
|
HPSBUX02075 SSRT051074 rev.4 - HP-UX Running xterm Local Unauthorized Access: A potential security vulnerability has been identified with HP-UX running xterm. The vulnerability could be exploited by a local user to gain unauthorized access.
| | Homepage: | http://www.hp.com | | File Size: | 7264 | | Last Modified: | Apr 28 21:04:39 2006 |
| MD5 Checksum: | ecbeda06feed5582c535d393f5be5281 |
|
| /// File Name: |
SSRT061133-9.txt |
Description:
|
HPSBUX02108 SSRT061133 rev.9 - HP-UX running Sendmail, Remote Execution of Arbitrary Code
| | Homepage: | http://www.hp.com | | File Size: | 10995 | | Last Modified: | Apr 28 21:03:54 2006 |
| MD5 Checksum: | c2ea59897237b1015a5d3f5ea829a86d |
|
| /// File Name: |
ZDI-06-011.txt |
Description:
|
ZDI-06-011: Mozilla Firefox Table Rebuilding Code Execution Vulnerability. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Mozilla/Firefox web browser and Thunderbird e-mail client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious e-mail.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2425 | | Last Modified: | Apr 28 21:02:49 2006 |
| MD5 Checksum: | e7653be784ba9888857807b479e13c12 |
|
| /// File Name: |
glsa-200604-18.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200604-18 - Several vulnerabilities were found in Mozilla Suite. Version 1.7.13 was released to fix them. Versions less than 1.7.13 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 5546 | | Last Modified: | Apr 28 20:59:30 2006 |
| MD5 Checksum: | 95005cf1fb52e3c3eb4d5ad375a5e2d0 |
|
| /// File Name: |
USN-275-1.txt |
Description:
|
Ubuntu Security Notice 275-1: multiple vulnerabilities in mozilla.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 26268 | | Last Modified: | Apr 28 20:59:19 2006 |
| MD5 Checksum: | ac004322e7c051a3f99c46605444723d |
|
| /// File Name: |
USN-274-1.txt |
Description:
|
Ubuntu Security Notice 274-1: A logging bypass was discovered in the MySQL query parser. A local attacker could exploit this by inserting NUL characters into query strings (even into comments), which would cause the query to be logged incompletely.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 9493 | | Last Modified: | Apr 28 20:58:55 2006 |
| MD5 Checksum: | fc12df206692e97ce1d4ceca1655a86c |
|
| /// File Name: |
dsa-1046-1.txt |
Description:
|
Debian Security Advisory 1046-1: several security related problems have been discovered in Mozilla.
| | Homepage: | http://www.debian.org/security | | File Size: | 36514 | | Last Modified: | Apr 28 20:58:48 2006 |
| MD5 Checksum: | 8978f0743574f1d452d153dab3ce61b2 |
|